CVE-2023-46840

CVE-2023-46840 concerns Xen where an incorrect placement of a preprocessor directive in Xen source leads to logic that does not operate as intended when HVM guest support is compiled out. The vulnerability is described across multiple connected advisories (e.g., Nessus/OPENVAS entries and OSV/nvd...

CVE-2023-46840 VT-d: Failure to quarantine devices in !HVM builds

Incorrect placement of a preprocessor directive in source code results in logic that doesn't operate as intended when support for HVM guests is compiled out of Xen...

Chirp Access Trust Management Issues Vulnerability

Chirp Systems Chirp Access is a feature or service from Chirp Systems that helps users access and manage their Chirp accounts. Chirp Access suffers from a trust management issue vulnerability that stems from storing credentials in its source code, which could expose sensitive information to an...

Hackers Claim Accessing 740GB of Data from Viber Messaging App

By Waqas Hackers claim to have breached Viber, stealing 740GB of data, including source code, and are now demanding ransom of 8 Bitcoin. This is a post from HackRead.com Read the original post: Hackers Claim Accessing 740GB of Data from Viber Messaging App...

CVE-2023-43292

Cross Site Scripting vulnerability in My Food Recipe Using PHP with Source Code v.1.0 allows a local attacker to execute arbitrary code via a crafted payload to the Recipe Name, Procedure, and ingredients parameters...

CVE-2023-43292

Cross Site Scripting vulnerability in My Food Recipe Using PHP with Source Code v.1.0 allows a local attacker to execute arbitrary code via a crafted payload to the Recipe Name, Procedure, and ingredients parameters...

CVE-2023-43292

Cross Site Scripting vulnerability in My Food Recipe Using PHP with Source Code v.1.0 allows a local attacker to execute arbitrary code via a crafted payload to the Recipe Name, Procedure, and ingredients parameters...

Cross site scripting

Cross Site Scripting vulnerability in My Food Recipe Using PHP with Source Code v.1.0 allows a local attacker to execute arbitrary code via a crafted payload to the Recipe Name, Procedure, and ingredients parameters...

CVE-2023-43292

Cross Site Scripting vulnerability in My Food Recipe Using PHP with Source Code v.1.0 allows a local attacker to execute arbitrary code via a crafted payload to the Recipe Name, Procedure, and ingredients parameters...

CVE-2023-43292

CVE-2023-43292 is a Cross-Site Scripting vulnerability in the web application "My Food Recipe Using PHP with Source Code" v1.0. Public sources describe that a crafted payload in the Recipe Name, Procedure, or ingredients parameters can allow a local attacker to execute arbitrary code. Multiple bu...

Russian Midnight Blizzard Hackers Breached Microsoft Source Code

By Deeba Ahmed Midnight Blizzard aka Cozy Bear and APT29 originally breached Microsoft on January 12, 2024. This is a post from HackRead.com Read the original post: Russian Midnight Blizzard Hackers Breached Microsoft Source Code...

CVE-2024-2355 keerti1924 Secret-Coder-PHP-Project secret_coder.sql inclusion of sensitive information in source code

A vulnerability has been found in keerti1924 Secret-Coder-PHP-Project 1.0 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file /secretcoder.sql. The manipulation leads to inclusion of sensitive information in source code. The attack can be launched...

Russian Hackers Stole Microsoft Source Code—and the Attack Isn’t Over

Plus: An ex-Google engineer gets arrested for allegedly stealing trade secrets, hackers breach the top US cybersecurity agency, and X’s new feature exposes sensitive user data...

Microsoft Confirms Russian Hackers Stole Source Code, Some Customer Secrets

Microsoft on Friday revealed that the Kremlin-backed threat actor known as Midnight Blizzard aka APT29 or Cozy Bear managed to gain access to some of its source code repositories and internal systems following a hack that came to light in January 2024. "In recent weeks, we have seen evidence that...

Fedora: Security Advisory for jdeparser (FEDORA-2024-129d8ca6fc)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[SECURITY] Fedora 40 Update: jdeparser-2.0.3-17.fc40

This project is a fork of Sun's now Oracle's com.sun.codemodel project. We decided to fork the project because by all evidence, the upstream project is dead and not actively accepting outside contribution. All JBoss projects are urged to use this project instead for source code generation...

[SECURITY] Fedora 40 Update: javaparser-3.25.8-3.fc40

This package contains a Java 1 to 13 Parser with AST generation and visitor support. The AST records the source code structure, javadoc and comments. It is also possible to change the AST nodes or create new ones to modify the source code...

Design/Logic Flaw

A vulnerability, which was classified as problematic, was found in keerti1924 PHP-MYSQL-User-Login-System 1.0. This affects an unknown part of the file login.sql. The manipulation leads to inclusion of sensitive information in source code. It is possible to initiate the attack remotely. The explo...

CVE-2024-2265

CVE-2024-2265 affects the keerti1924 PHP-MYSQL-User-Login-System 1.0. The issue is in an unknown part of login.sql and results in inclusion of sensitive information in the source code, exposing confidential data. Attacks are described as remote, with the exploit publicly disclosed. Multiple conne...

CVE-2024-2265 keerti1924 PHP-MYSQL-User-Login-System login.sql inclusion of sensitive information in source code

A vulnerability, which was classified as problematic, was found in keerti1924 PHP-MYSQL-User-Login-System 1.0. This affects an unknown part of the file login.sql. The manipulation leads to inclusion of sensitive information in source code. It is possible to initiate the attack remotely. The explo...